|
267591
|
9.8 |
CRITICAL
Network
|
fedoraproject
cgit_project
|
fedora
cgit
|
Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1901
|
2024-11-21 11:47 |
2016-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267592
|
3.7 |
LOW
Network
|
fedoraproject
cgit_project
|
fedora
cgit
|
CRLF injection vulnerability in the cgit_print_http_headers function in ui-shared.c in CGit before 0.12 allows remote attackers with permission to write to a repository to inject arbitrary HTTP heade…
|
NVD-CWE-Other
|
CVE-2016-1900
|
2024-11-21 11:47 |
2016-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267593
|
3.7 |
LOW
Network
|
fedoraproject
cgit_project
|
fedora
cgit
|
CRLF injection vulnerability in the ui-blob handler in CGit before 0.12 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (X…
|
NVD-CWE-Other
|
CVE-2016-1899
|
2024-11-21 11:47 |
2016-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267594
|
6.5 |
MEDIUM
Network
|
jasper_project
|
jasper
|
The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1867
|
2024-11-21 11:47 |
2016-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267595
|
5.3 |
MEDIUM
Network
|
openbsd
|
openssh
|
The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1907
|
2024-11-21 11:47 |
2016-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267596
|
7.3 |
HIGH
Network
|
php
|
php
|
Multiple integer overflows in ext/standard/exec.c in PHP 7.x before 7.0.2 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a long string to the (1) ph…
|
CWE-189
Numeric Errors
|
CVE-2016-1904
|
2024-11-21 11:47 |
2016-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267597
|
9.1 |
CRITICAL
Network
|
php
|
php
|
The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or ca…
|
CWE-119
CWE-200
Incorrect Access of Indexable Resource ('Range Error')
Information Exposure
|
CVE-2016-1903
|
2024-11-21 11:47 |
2016-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267598
|
5.4 |
MEDIUM
Network
|
redhen_project
|
redhen
|
Multiple cross-site scripting (XSS) vulnerabilities in the Redhen module 7.x-1.x before 7.x-1.11 for Drupal allow remote authenticated users with certain access to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1913
|
2024-11-21 11:47 |
2016-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267599
|
5.4 |
MEDIUM
Network
|
dolibarr
|
dolibarr
|
Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 allow remote authenticated users to inject arbitrary web script or HTML via the (1) lastname, (2) firstname, (3) email, (…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1912
|
2024-11-21 11:47 |
2016-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267600
|
6.1 |
MEDIUM
Network
|
sap
|
netweaver
|
Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) Runtime Workbench (RWB) or (2) Pm…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1911
|
2024-11-21 11:47 |
2016-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
